var-201808-0961
Vulnerability from variot
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames. Schneider Electric Modicon M221 Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M221 is a programmable logic controller from Schneider Electric, France. A security vulnerability exists in Schneider Electric Modicon M221 that stems from a program that fails to properly detect anomalies. The vulnerability could be exploited by a remote attacker to restart the Modicon M221. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0961",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "modicon m221",
"scope": "lt",
"trust": 1.8,
"vendor": "schneider electric",
"version": "1.6.2.0"
},
{
"model": "electric modicon m221",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "1.5.0.1"
},
{
"model": "electric modicon m221",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "1.5.0.0"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "1.1.1.5"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5.0.1"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5.0.0"
},
{
"model": "modicon m221",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.6.2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon m221",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "BID",
"id": "105171"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_m221_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric, working with Yehonatan Kfir of Radiflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
}
],
"trust": 0.6
},
"cve": "CVE-2018-7789",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7789",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-05108",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-137821",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7789",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7789",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7789",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-7789",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-05108",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-906",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137821",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-7789",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "VULHUB",
"id": "VHN-137821"
},
{
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames. Schneider Electric Modicon M221 Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Schneider Electric Modicon M221 is a programmable logic controller from Schneider Electric, France. A security vulnerability exists in Schneider Electric Modicon M221 that stems from a program that fails to properly detect anomalies. The vulnerability could be exploited by a remote attacker to restart the Modicon M221. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7789"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "BID",
"id": "105171"
},
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-137821"
},
{
"db": "VULMON",
"id": "CVE-2018-7789"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7789",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-18-240-02",
"trust": 2.9
},
{
"db": "BID",
"id": "105171",
"trust": 2.7
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-233-01",
"trust": 2.4
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-05108",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009",
"trust": 0.8
},
{
"db": "IVD",
"id": "7D862CA1-463F-11E9-BC27-000C29342CB1",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-98906",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-137821",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-7789",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "VULHUB",
"id": "VHN-137821"
},
{
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"db": "BID",
"id": "105171"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"id": "VAR-201808-0961",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "VULHUB",
"id": "VHN-137821"
}
],
"trust": 1.8935065
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
}
]
},
"last_update_date": "2024-11-23T22:06:37.916000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2018-233-01",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-233-01+Modicon+M221.pdf\u0026p_Doc_Ref=SEVD-2018-233-01"
},
{
"title": "Schneider Electric Modicon M221 Remote Security Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/154317"
},
{
"title": "Schneider Electric Modicon M221 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123392"
},
{
"title": "CVE-2018-7789",
"trust": 0.1,
"url": "https://github.com/AlAIAL90/CVE-2018-7789 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-754",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137821"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-240-02"
},
{
"trust": 2.4,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-233-01/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/105171"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7789"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7789"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/754.html"
},
{
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2018-7789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "VULHUB",
"id": "VHN-137821"
},
{
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"db": "BID",
"id": "105171"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"db": "VULHUB",
"id": "VHN-137821"
},
{
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"db": "BID",
"id": "105171"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-24T00:00:00",
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"date": "2019-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"date": "2018-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-137821"
},
{
"date": "2018-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"date": "2018-08-28T00:00:00",
"db": "BID",
"id": "105171"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"date": "2018-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"date": "2018-08-29T20:29:00.343000",
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-05108"
},
{
"date": "2018-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-137821"
},
{
"date": "2021-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7789"
},
{
"date": "2018-08-28T00:00:00",
"db": "BID",
"id": "105171"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010009"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-906"
},
{
"date": "2024-11-21T04:12:44.300000",
"db": "NVD",
"id": "CVE-2018-7789"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Modicon M221 Remote Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d862ca1-463f-11e9-bc27-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2019-05108"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-906"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.